Privacy Policy

About This Policy

Chat4U is an AI chat agent platform that helps website owners deploy intelligent chat agents powered by their own content. We offer both Standard Agents — which answer visitor questions using Retrieval-Augmented Generation (RAG) — and Pro Agents, which can interact directly with page elements on behalf of visitors.

We take the privacy of our users and their website visitors seriously. This Privacy Policy describes how Chat4U collects, uses, and protects personal data, and explains the rights available to you. Because privacy is an evolving responsibility, we will update this Policy from time to time as our practices change. We encourage you to review it periodically.

Information We Collect

We collect personal data in several ways depending on how you interact with our platform:

Account and profile information — When you register for Chat4U, we collect identifying details such as your name, work email address, company name, and job title. This information is managed through our authentication provider and used solely to operate your account and provide our services.

Usage and technical data — When you access chat4u.ai or the Chat4U dashboard, our servers automatically record information including your IP address, approximate geographic region, browser type, operating system, referring URL, and pages visited. We use this data to maintain and improve the platform, diagnose technical issues, and understand how the service is used in aggregate.

Widget and visitor data — When one of our customer's website visitors interacts with an embedded Chat4U widget, the conversation content is stored in that customer's isolated project environment. This data is used exclusively to power the agent's responses and is not linked to any other user profile.

Third-party sourced data — Occasionally we receive supplementary information about prospective customers from publicly available sources or business intelligence providers, such as information about your employer or industry sector.

How We Use Your Information

We process the personal data we collect for the following purposes:

• To create and manage your Chat4U account and provide the services you have requested
• To respond to support inquiries and communicate important service updates
• To monitor platform performance, detect abuse, and ensure reliability
• To improve our product features based on aggregated usage patterns
• To comply with legal obligations and enforce our Terms of Service

We do not sell personal data to any third party. We do not use customer content or visitor conversations to train AI models. Responses generated by Chat4U agents are produced at query time using RAG over your project's indexed content — no data ever enters a model training pipeline.

We have a legitimate interest in understanding how our platform is used so that we can provide a better, more relevant service. This analysis is conducted at an aggregate level and does not involve decisions that affect you individually.

Cookies and Similar Technologies

Chat4U uses cookies and similar browser-based storage to maintain sessions, remember accessibility preferences, and gather basic analytics. Our website does not use advertising or cross-site tracking cookies.

For a detailed description of each cookie we set, how long it persists, and how to manage or disable it, please visit our Cookie Policy.

Data Protection and Security

We apply multiple layers of protection to safeguard your data:

• Encryption: All data is encrypted at rest and in transit using industry-standard algorithms.
• Isolated project stores: Each Chat4U project has its own isolated vector database. Content from one project is never accessible to agents belonging to another project.
• Access controls: Role-based permissions ensure that only authorised team members within your workspace can access your project data.
• Rate limiting and domain allowlist: Agents are protected against abuse through per-agent rate limiting, and you can restrict widget embedding to specific domains you control.
• Infrastructure: Chat4U runs on Amazon Web Services (AWS) infrastructure hosted in the eu-central-1 region. Data is processed and stored within AWS-managed services including ECS Fargate, RDS PostgreSQL, ElastiCache, S3, and CloudFront.
• No AI training: We do not use your data — or your visitors' conversation data — to train, fine-tune, or improve any AI or machine learning model. RAG retrieval is performed at inference time and does not modify any underlying model.

Sharing With Third Parties

Personal data stored by Chat4U resides on servers maintained by third-party cloud infrastructure providers. These providers access data only as necessary to deliver storage, compute, or other infrastructure services, and are contractually prohibited from using it for any independent purpose.

We may engage service providers to send communications on our behalf or to assist with platform operations. A list of our active sub-processors is available upon request at contact@chat4u.ai.

Beyond the above, we do not disclose personal data to external parties except in the following circumstances:

1. You have explicitly requested or authorised the disclosure.
2. Disclosure is required to comply with applicable law, a valid court order, subpoena, or lawful request from a government authority.
3. Disclosure is necessary to enforce our agreements with you, or to protect the rights, property, or safety of Chat4U, our employees, or others.
4. Disclosure is made to agents or service providers acting on our behalf under appropriate confidentiality obligations.
5. Disclosure is required to respond to an emergency affecting personal safety.
6. Disclosure is made to a party who has demonstrated legal authority to act on your behalf.

We may publish aggregated, non-personally-identifiable statistics about service usage. These reports cannot be used to identify any individual.

International Data Transfers

Chat4U's primary infrastructure is located in the European Union (AWS eu-central-1). Where personal data originating in the EEA or the UK is transferred to a country that has not received an adequacy decision, we rely on the EU Standard Contractual Clauses (SCCs) under Article 46 of the GDPR, enhanced in line with guidance from the European Data Protection Board, as the appropriate transfer safeguard.

In limited circumstances we may also transfer personal data internationally on the basis of your explicit consent, to perform a contract with you, or to serve a compelling and proportionate legitimate interest that does not override your rights and freedoms. We enter into data processing agreements with our vendors wherever feasible. To date, Chat4U has not received any government requests for user data.

For questions about our transfer mechanisms, contact us at contact@chat4u.ai.

Data Retention

We retain personal data associated with your account for as long as your account is active and for a reasonable period thereafter to fulfil any outstanding obligations, resolve disputes, and maintain records required by law or legitimate business need.

Visitor conversation data is retained for the duration of a customer's active subscription and is deleted within a reasonable period following account closure. Prospect data is purged once it no longer has business value.

You may request deletion of your personal data at any time (subject to applicable legal retention requirements) by contacting us at contact@chat4u.ai. We will respond to verified deletion requests within 30 days.

Your Rights

If you are located in the European Union, the United Kingdom, or another jurisdiction with comprehensive data protection legislation, you have the following rights in relation to your personal data:

• Right to be informed — to know what data we hold about you and how it is used
• Right of access — to obtain a copy of your personal data
• Right to rectification — to have inaccurate data corrected
• Right to erasure — to request deletion of your personal data
• Right to restrict processing — to ask us to limit how we use your data
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to object to processing based on our legitimate interests, including direct marketing
• Rights related to automated decision-making — to not be subject to decisions made solely by automated processing that significantly affect you

To exercise any of these rights, please contact us at contact@chat4u.ai. We will respond within 30 days and may ask you to verify your identity before processing the request. Access to your data is provided free of charge. If you are located in the EU, you also have the right to lodge a complaint with your national data protection authority or with the European Data Protection Supervisor.

Children's Privacy

Our platform and website are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently received information from a child, please contact us and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this Policy periodically. Continued use of our services after an update constitutes your acceptance of the revised Policy.

Contact Us

If you have questions, concerns, or complaints about this Privacy Policy, or if you wish to exercise your privacy rights, please reach out to us:

Chat4U

contact@chat4u.ai

chat4u.ai